The ABS protects your privacy and is committed to keeping your information safe and secure. We have a strong data protection culture and extensive experience in keeping data secure as Australia’s national statistical organisation and as an Accredited Integrating Authority.
We handle your personal information with utmost care to meet our legislative requirements and public expectations.
We adhere to the Privacy Act 1988 and to the Australian Privacy Principles (APPs), which govern how we collect and use personal information.
We are also bound by the secrecy requirements of the Census and Statistics Act 1905, which ensures that information collected for a statistical purpose cannot be released in a manner that is likely to enable the identification of any person or business.
In addition to the Privacy Act 1988 and APPs, the Australian Government Agencies Privacy Code sets out specific requirements and key practical steps that requires agencies to move toward a best practice approach to privacy governance to help build a consistent, high standard of personal information management across all Australian Government agencies.
We take a privacy-by-design approach in order to manage risks. This means that we assess privacy risks at every stage of data integration - project initiation and approval, the acquisition and linking of data, and access to and analysis of data.
Privacy Impact Assessments
A Privacy Impact Assessment (PIA) is a systematic assessment that helps us identify and manage the privacy impacts of a data integration project. The ABS Privacy Impact Assessments webpage contains a list of PIAs that have been conducted for ABS projects, including MADIP. Privacy threshold assessments are undertaken for all data integration projects, and a full PIA will be conducted as required in accordance with the Office of the Australian Information Commissioner (OAIC) guide to undertaking a PIA.
Policies and standards
High Level Principles for Data Integration
All of our data integration activities are conducted in line with the seven High Level Principles for Data Integration, which are the established protocols for the safe and secure integration of Commonwealth data for research and statistical purposes.
Our data integration projects:
Government security standards
The ABS adheres to Australian Government standards for information, personnel, and physical security. Our data integration systems and processes conform to the IT security arrangements set out in the Information Security Manual, which is part of the Australian Government's Protective Security Policy Framework.
A data breach occurs when personal information that is held by an organisation is lost or subjected to unauthorised access or disclosure. In the unlikely event of a data breach, the ABS will respond in accordance with the Notifiable Data Breaches Scheme.
Safe data handling
The Separation Principle and Functional Separation
The ABS collects two types of information for use in data integration projects:
The Separation Principle is applied when we undertake data integration activities. This means personal identifiers are stored separately from other information, and no one can view both personal identifiers and analytical information at the same time.
We adhere to the Separation Principle by implementing functional separation (or roles) in all data integration projects. This means that staff undertaking data linkage projects only have access to the information that they need to perform their assigned role - no one has access to the identifying details of an individual or business at the same time as other information about that individual or business.
Five Safes Framework
The Fives Safes Framework takes a multi-dimensional approach to managing disclosure risk by accounting for each independent but related aspect of disclosure risk. The framework poses specific questions to help assess and describe each risk aspect in a qualitative way. This allows data custodians to place appropriate controls on the manner in which data are accessed.
ABS Privacy Policies provides more about how we protect your privacy.